Feeds

Feds probe alleged World Cup bid email hack

We wuz robbed

SANS - Survey on application security programs

Federal investigators are investigating claims that email accounts of the US bid team for the 2022 World Cup were hacked of part of an alleged dirty tricks campaign that may also have affected the 2018 bid process.

FBI agents questioned members of England's failed 2018 bid team last month as part of a wider investigation over corruption surrounding the bid process and Fifa's affairs more generally. No one in the England bid team is suspected of any wrongdoing, The Daily Telegraph reports.

The inquiry centres around the alleged bribery of Caribbean football officials by Mohammed Bin Hammam, who ran against Sepp Blatter for the Fifa presidency this year. Bin Hammam, a Qatari national who withdrew his bid on the eve of an ethics committee meeting in May, received a lifetime ban from Fifa after it found him responsible for offering $40,000 (£25,000) bribes to Caribbean football officials. Jack Warner, former Fifa vice president and president of the Caribbean Football Union, resigned from roles in international football after an initial Fifa inquiry implicated him in the scandal.

The award of the honour of hosting the 2018 and 2022 World Cup competitions to Russia and Qatar, respectively, have been among the most contentious in Fifa's history. Just before the vote in October 2010 the voting right of two members of Fifa’s 24-man executive committee were suspended over allegations that they were open to selling their vote.

Much of the FBI inquiry concerns the transport of large amounts of currency through US borders, an offence if the cash is not declared. A New York-based FBI squad tasked with investigating “Eurasian organised crime” has also been taking an interest in the matter since late August.

The email hacking allegations are new and, at present at least, somewhat vague. The FBI has reportedly collected “substantial evidence” documenting efforts to hack into the emails of US bid executive, who competed alongside their counterparts from South Korea, Australia, Qatar and Japan for the right to host the 2022 edition of football's greatest tournament.

Qatar, a small desert country in the Middle East with no football heritage and a climate wholly unsuited to the beautiful game, emerged as the surprise winner of the 2022 bid.

It's still unclear if the tournament will be moved to winter 2022 rather than its traditional slot of June and July. The country made a poor show of hosting the much smaller Asian Cup 2011, locking 5,000 ticket-holding fans out of the final match between Japan and Australia back in January, raising yet further doubts already fuelled by its poor human rights record and even over its inability to host hundreds of thousands of visiting football fans.

Russia, by contrast, has a large and expanding fan base, a healthy national football league and a World Cup heritage.

Why hack it?

Access to the email accounts of rival bid teams would have exposed plans to canvass support and would have given unscrupulous parties a huge edge in attempting to persuade voters to side with any particular bid.

In a statement, the Russia 2018 organising committee told The Telegraph that it was unaware of any FBI investigation. "Russia 2018 will not comment on speculation: the LOC [local organising committee] has not been contacted regarding any investigation, nor have we been made aware that any such investigation exists," it said.

"We at Russia 2018 are proud of the way we conducted ourselves throughout a long and highly competitive campaign; as an LOC, we are driven by exactly the same transparency, commitment to excellence and spirit of Fair Play that underpinned our successful bid."

Qatar and Bin Hamman also deny allegation of corruption in desert kingdom's World Cup bid campaign.

More commentary on the information security aspects of the FBI's ongoing probe can be found in a blog post by net security firm Sophos here. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.